Detailed explanation of how to prevent hotlinking using PHP-PHP Tutorial-php.cn

Detailed explanation of how to prevent hotlinking using PHP

巴扎黑

Release： 2023-03-15 20:40:02

Original

1505 people have browsed it

This article mainly introduces the method of anti-hotlinking in PHP, and analyzes the related technologies and specific implementation techniques involved in PHP anti-hotlinking in the form of examples. Friends in need can refer to the following

The examples in this article describe How to prevent hotlinking in PHP. Share it with everyone for your reference, the details are as follows:

$_SERVER['HTTP_REFERER'] acquisition status

Note $_SERVER['HTTP_REFERER '] may not always be obtained, and can only be obtained under the following circumstances:

1. The circumstances under which HTTP_REFERER can be obtained are as follows:

1. Use
2 directly. Form submitted with Submit or (POST or GET)
3． Form submitted using Jscript (POST or GET)

2. The following situations cannot be obtained:

1. Link from Favorites
2. Click "Home" or the customized address
3. Use Jscript's location.href or location.replace()
4． Directly enter the address
5 in the browser. <%Response.Redirect%>
6． <%Response.AddHeader%> or Go to
7． Use XML to load the address

strrpos Function explanation:

strrpos - Calculate the position of the last occurrence of the specified string in the target string

Description

int strrpos (string $haystack, string $needle [, int $offset = 0])<br>Returns the last occurrence of needle in string $haystack Numeric location.

$haystack	Find in this string.
$needle	If needle is not a string, it will be converted to an integer and treated as a sequential value of characters.

Return value

Returns the position where needle exists. If not found, returns FALSE.

Hot link judgment code: asd.php

<?php
//防盗链技术
//先判断是否获取到 $_SERVER[&#39;HTTP_REFERER&#39;] 变量
if(isset($_SERVER[&#39;HTTP_REFERER&#39;])){
  //判断$_SERVER[&#39;HTTP_REFERER&#39;]是不是以http://localhost/开始的
  if(strpos($_SERVER[&#39;HTTP_REFERER&#39;],"http://localhost")==0){
    echo &#39;<img src="a.png"/>&#39;;
  }
  else{
    header("Location:warning.php");//跳转页面到warning.php
    //echo $_SERVER["HTTP_REFERER"];
  }
}
else {
  header("Location:warning.php");
}
?>

Copy after login

warning.php

<html>
<b>倒链</b>
</html>

Copy after login

Anti-theft Chain verification code

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<a href="http://localhost/wml/asd.php" rel="external nofollow" >验证防盗链</a>
</body>
</html>

Copy after login

The above is the understanding principle

Generally prevent hot links by configuring the server, such as nginx configuration access

( gif|jpg|jpeg|png|bmp|swf) Whitelist of other files

The above is the detailed content of Detailed explanation of how to prevent hotlinking using PHP. For more information, please follow other related articles on the PHP Chinese website!